1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.persistence;
24  
25  import com.liferay.portal.SystemException;
26  import com.liferay.portal.kernel.dao.orm.FinderCacheUtil;
27  import com.liferay.portal.kernel.dao.orm.FinderPath;
28  import com.liferay.portal.kernel.dao.orm.QueryPos;
29  import com.liferay.portal.kernel.dao.orm.SQLQuery;
30  import com.liferay.portal.kernel.dao.orm.Session;
31  import com.liferay.portal.kernel.dao.orm.Type;
32  import com.liferay.portal.kernel.util.ArrayUtil;
33  import com.liferay.portal.kernel.util.ListUtil;
34  import com.liferay.portal.kernel.util.StringUtil;
35  import com.liferay.portal.model.Group;
36  import com.liferay.portal.model.Permission;
37  import com.liferay.portal.model.Role;
38  import com.liferay.portal.model.impl.PermissionImpl;
39  import com.liferay.portal.model.impl.PermissionModelImpl;
40  import com.liferay.portal.service.persistence.impl.BasePersistenceImpl;
41  import com.liferay.util.dao.orm.CustomSQLUtil;
42  
43  import java.util.ArrayList;
44  import java.util.Iterator;
45  import java.util.List;
46  
47  /**
48   * <a href="PermissionFinderImpl.java.html"><b><i>View Source</i></b></a>
49   *
50   * @author Brian Wing Shun Chan
51   */
52  public class PermissionFinderImpl
53      extends BasePersistenceImpl implements PermissionFinder {
54  
55      public static String COUNT_BY_GROUPS_PERMISSIONS =
56          PermissionFinder.class.getName() + ".countByGroupsPermissions";
57  
58      public static String COUNT_BY_GROUPS_ROLES =
59          PermissionFinder.class.getName() + ".countByGroupsRoles";
60  
61      public static String COUNT_BY_ROLES_PERMISSIONS =
62          PermissionFinder.class.getName() + ".countByRolesPermissions";
63  
64      public static String COUNT_BY_USER_GROUP_ROLE =
65          PermissionFinder.class.getName() + ".countByUserGroupRole";
66  
67      public static String COUNT_BY_USERS_PERMISSIONS =
68          PermissionFinder.class.getName() + ".countByUsersPermissions";
69  
70      public static String COUNT_BY_USERS_ROLES =
71          PermissionFinder.class.getName() + ".countByUsersRoles";
72  
73      public static String FIND_BY_A_R =
74          PermissionFinder.class.getName() + ".findByA_R";
75  
76      public static String FIND_BY_G_R =
77          PermissionFinder.class.getName() + ".findByG_R";
78  
79      public static String FIND_BY_R_R =
80          PermissionFinder.class.getName() + ".findByR_R";
81  
82      public static String FIND_BY_U_R =
83          PermissionFinder.class.getName() + ".findByU_R";
84  
85      public static String FIND_BY_O_G_R =
86          PermissionFinder.class.getName() + ".findByO_G_R";
87  
88      public static String FIND_BY_U_A_R =
89          PermissionFinder.class.getName() + ".findByU_A_R";
90  
91      public static String FIND_BY_G_C_N_S_P =
92          PermissionFinder.class.getName() + ".findByG_C_N_S_P";
93  
94      public static String FIND_BY_U_C_N_S_P =
95          PermissionFinder.class.getName() + ".findByU_C_N_S_P";
96  
97      public static final FinderPath FINDER_PATH_COUNT_BY_ROLES_PERMISSIONS =
98          new FinderPath(
99              PermissionModelImpl.ENTITY_CACHE_ENABLED,
100             PermissionModelImpl.FINDER_CACHE_ENABLED, "Roles_Permissions",
101             "customCountByRolesPermissions",
102             new String[] {
103                 java.util.List.class.getName(), java.util.List.class.getName()
104             });
105 
106     public static final FinderPath FINDER_PATH_FIND_BY_A_R = new FinderPath(
107         PermissionModelImpl.ENTITY_CACHE_ENABLED,
108         PermissionModelImpl.FINDER_CACHE_ENABLED,
109         PermissionPersistenceImpl.FINDER_CLASS_NAME_LIST, "customFindByA_R",
110         new String[] {
111             String.class.getName(), "[L" + Long.class.getName()
112         });
113 
114     public boolean containsPermissions_2(
115             List<Permission> permissions, long userId, List<Group> groups,
116             long groupId)
117         throws SystemException {
118 
119         Session session = null;
120 
121         try {
122             session = openSession();
123 
124             String sql = null;
125 
126             StringBuilder sb = new StringBuilder();
127 
128             if (groups.size() > 0) {
129                 sb.append("(");
130                 sb.append(CustomSQLUtil.get(COUNT_BY_GROUPS_ROLES));
131                 sb.append(") ");
132 
133                 sql = sb.toString();
134 
135                 sql = StringUtil.replace(
136                     sql, "[$PERMISSION_IDS$]",
137                     getPermissionIds(permissions, "Roles_Permissions"));
138                 sql = StringUtil.replace(
139                     sql, "[$GROUP_IDS$]", getGroupIds(groups, "Groups_Roles"));
140 
141                 sb = new StringBuilder();
142 
143                 sb.append(sql);
144 
145                 sb.append("UNION ALL (");
146                 sb.append(CustomSQLUtil.get(COUNT_BY_GROUPS_PERMISSIONS));
147                 sb.append(") ");
148 
149                 sql = sb.toString();
150 
151                 sql = StringUtil.replace(
152                     sql, "[$PERMISSION_IDS$]",
153                     getPermissionIds(permissions, "Groups_Permissions"));
154                 sql = StringUtil.replace(
155                     sql, "[$GROUP_IDS$]",
156                     getGroupIds(groups, "Groups_Permissions"));
157 
158                 sb = new StringBuilder();
159 
160                 sb.append(sql);
161 
162                 sb.append("UNION ALL ");
163             }
164 
165             sb.append("(");
166             sb.append(CustomSQLUtil.get(COUNT_BY_USERS_ROLES));
167             sb.append(") ");
168 
169             sql = sb.toString();
170 
171             sql = StringUtil.replace(
172                 sql, "[$PERMISSION_IDS$]",
173                 getPermissionIds(permissions, "Roles_Permissions"));
174 
175             sb = new StringBuilder();
176 
177             sb.append(sql);
178 
179             sb.append("UNION ALL (");
180             sb.append(CustomSQLUtil.get(COUNT_BY_USER_GROUP_ROLE));
181             sb.append(") ");
182 
183             sql = sb.toString();
184 
185             sql = StringUtil.replace(
186                 sql, "[$PERMISSION_IDS$]",
187                 getPermissionIds(permissions, "Roles_Permissions"));
188 
189             sb = new StringBuilder();
190 
191             sb.append(sql);
192 
193             sb.append("UNION ALL (");
194             sb.append(CustomSQLUtil.get(COUNT_BY_USERS_PERMISSIONS));
195             sb.append(") ");
196 
197             sql = sb.toString();
198 
199             sql = StringUtil.replace(
200                 sql, "[$PERMISSION_IDS$]",
201                 getPermissionIds(permissions, "Users_Permissions"));
202 
203             SQLQuery q = session.createSQLQuery(sql);
204 
205             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
206 
207             QueryPos qPos = QueryPos.getInstance(q);
208 
209             if (groups.size() > 0) {
210                 setPermissionIds(qPos, permissions);
211                 setGroupIds(qPos, groups);
212                 setPermissionIds(qPos, permissions);
213                 setGroupIds(qPos, groups);
214             }
215 
216             setPermissionIds(qPos, permissions);
217             qPos.add(userId);
218 
219             qPos.add(groupId);
220             setPermissionIds(qPos, permissions);
221             qPos.add(userId);
222 
223             setPermissionIds(qPos, permissions);
224             qPos.add(userId);
225 
226             Iterator<Long> itr = q.list().iterator();
227 
228             while (itr.hasNext()) {
229                 Long count = itr.next();
230 
231                 if ((count != null) && (count.intValue() > 0)) {
232                     return true;
233                 }
234             }
235 
236             return false;
237         }
238         catch (Exception e) {
239             throw new SystemException(e);
240         }
241         finally {
242             closeSession(session);
243         }
244     }
245 
246     public boolean containsPermissions_4(
247             List<Permission> permissions, long userId, List<Group> groups,
248             List<Role> roles)
249         throws SystemException {
250 
251         Session session = null;
252 
253         try {
254             session = openSession();
255 
256             String sql = null;
257 
258             StringBuilder sb = new StringBuilder();
259 
260             if (groups.size() > 0) {
261                 sb.append("(");
262                 sb.append(CustomSQLUtil.get(COUNT_BY_GROUPS_PERMISSIONS));
263                 sb.append(") ");
264 
265                 sql = sb.toString();
266 
267                 sql = StringUtil.replace(
268                     sql, "[$PERMISSION_IDS$]",
269                     getPermissionIds(permissions, "Groups_Permissions"));
270                 sql = StringUtil.replace(
271                     sql, "[$GROUP_IDS$]",
272                     getGroupIds(groups, "Groups_Permissions"));
273 
274                 sb = new StringBuilder();
275 
276                 sb.append(sql);
277 
278                 sb.append("UNION ALL ");
279             }
280 
281             if (roles.size() > 0) {
282                 sb.append("(");
283                 sb.append(CustomSQLUtil.get(COUNT_BY_ROLES_PERMISSIONS));
284                 sb.append(") ");
285 
286                 sql = sb.toString();
287 
288                 sql = StringUtil.replace(
289                     sql, "[$PERMISSION_IDS$]",
290                     getPermissionIds(permissions, "Roles_Permissions"));
291                 sql = StringUtil.replace(
292                     sql, "[$ROLE_IDS$]",
293                     getRoleIds(roles, "Roles_Permissions"));
294 
295                 sb = new StringBuilder();
296 
297                 sb.append(sql);
298 
299                 sb.append("UNION ALL ");
300             }
301 
302             sb.append("(");
303             sb.append(CustomSQLUtil.get(COUNT_BY_USERS_PERMISSIONS));
304             sb.append(") ");
305 
306             sql = sb.toString();
307 
308             sql = StringUtil.replace(
309                 sql, "[$PERMISSION_IDS$]",
310                 getPermissionIds(permissions, "Users_Permissions"));
311 
312             SQLQuery q = session.createSQLQuery(sql);
313 
314             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
315 
316             QueryPos qPos = QueryPos.getInstance(q);
317 
318             if (groups.size() > 0) {
319                 setPermissionIds(qPos, permissions);
320                 setGroupIds(qPos, groups);
321             }
322 
323             if (roles.size() > 0) {
324                 setPermissionIds(qPos, permissions);
325                 setRoleIds(qPos, roles);
326             }
327 
328             setPermissionIds(qPos, permissions);
329             qPos.add(userId);
330 
331             Iterator<Long> itr = q.list().iterator();
332 
333             while (itr.hasNext()) {
334                 Long count = itr.next();
335 
336                 if ((count != null) && (count.intValue() > 0)) {
337                     return true;
338                 }
339             }
340 
341             return false;
342         }
343         catch (Exception e) {
344             throw new SystemException(e);
345         }
346         finally {
347             closeSession(session);
348         }
349     }
350 
351     public int countByGroupsPermissions(
352             List<Permission> permissions, List<Group> groups)
353         throws SystemException {
354 
355         Session session = null;
356 
357         try {
358             session = openSession();
359 
360             String sql = CustomSQLUtil.get(COUNT_BY_GROUPS_PERMISSIONS);
361 
362             sql = StringUtil.replace(
363                 sql, "[$PERMISSION_IDS$]",
364                 getPermissionIds(permissions, "Groups_Permissions"));
365             sql = StringUtil.replace(
366                 sql, "[$GROUP_IDS$]",
367                 getGroupIds(groups, "Groups_Permissions"));
368 
369             SQLQuery q = session.createSQLQuery(sql);
370 
371             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
372 
373             QueryPos qPos = QueryPos.getInstance(q);
374 
375             setPermissionIds(qPos, permissions);
376             setGroupIds(qPos, groups);
377 
378             Iterator<Long> itr = q.list().iterator();
379 
380             if (itr.hasNext()) {
381                 Long count = itr.next();
382 
383                 if (count != null) {
384                     return count.intValue();
385                 }
386             }
387 
388             return 0;
389         }
390         catch (Exception e) {
391             throw new SystemException(e);
392         }
393         finally {
394             closeSession(session);
395         }
396     }
397 
398     public int countByGroupsRoles(
399             List<Permission> permissions, List<Group> groups)
400         throws SystemException {
401 
402         Session session = null;
403 
404         try {
405             session = openSession();
406 
407             String sql = CustomSQLUtil.get(COUNT_BY_GROUPS_ROLES);
408 
409             sql = StringUtil.replace(
410                 sql, "[$PERMISSION_IDS$]",
411                 getPermissionIds(permissions, "Roles_Permissions"));
412             sql = StringUtil.replace(
413                 sql, "[$GROUP_IDS$]", getGroupIds(groups, "Groups_Roles"));
414 
415             SQLQuery q = session.createSQLQuery(sql);
416 
417             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
418 
419             QueryPos qPos = QueryPos.getInstance(q);
420 
421             setPermissionIds(qPos, permissions);
422             setGroupIds(qPos, groups);
423 
424             Iterator<Long> itr = q.list().iterator();
425 
426             if (itr.hasNext()) {
427                 Long count = itr.next();
428 
429                 if (count != null) {
430                     return count.intValue();
431                 }
432             }
433 
434             return 0;
435         }
436         catch (Exception e) {
437             throw new SystemException(e);
438         }
439         finally {
440             closeSession(session);
441         }
442     }
443 
444     public int countByRolesPermissions(
445             List<Permission> permissions, List<Role> roles)
446         throws SystemException {
447 
448         Object finderArgs[] = new Object[] {
449             ListUtil.toString(permissions, "permissionId"),
450             ListUtil.toString(roles, "roleId")
451         };
452 
453         Long count = (Long)FinderCacheUtil.getResult(
454             FINDER_PATH_COUNT_BY_ROLES_PERMISSIONS, finderArgs, this);
455 
456         if (count == null) {
457             Session session = null;
458 
459             try {
460                 session = openSession();
461 
462                 String sql = CustomSQLUtil.get(COUNT_BY_ROLES_PERMISSIONS);
463 
464                 sql = StringUtil.replace(
465                     sql, "[$PERMISSION_IDS$]",
466                     getPermissionIds(permissions, "Roles_Permissions"));
467                 sql = StringUtil.replace(
468                     sql, "[$ROLE_IDS$]",
469                     getRoleIds(roles, "Roles_Permissions"));
470 
471                 SQLQuery q = session.createSQLQuery(sql);
472 
473                 q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
474 
475                 QueryPos qPos = QueryPos.getInstance(q);
476 
477                 setPermissionIds(qPos, permissions);
478                 setRoleIds(qPos, roles);
479 
480                 count = (Long)q.uniqueResult();
481             }
482             catch (Exception e) {
483                 throw new SystemException(e);
484             }
485             finally {
486                 if (count == null) {
487                     count = Long.valueOf(0);
488                 }
489 
490                 FinderCacheUtil.putResult(
491                     FINDER_PATH_COUNT_BY_ROLES_PERMISSIONS, finderArgs, count);
492 
493                 closeSession(session);
494             }
495         }
496 
497         return count.intValue();
498     }
499 
500     public int countByUserGroupRole(
501             List<Permission> permissions, long userId, long groupId)
502         throws SystemException {
503 
504         Session session = null;
505 
506         try {
507             session = openSession();
508 
509             String sql = CustomSQLUtil.get(COUNT_BY_USER_GROUP_ROLE);
510 
511             sql = StringUtil.replace(
512                 sql, "[$PERMISSION_IDS$]",
513                 getPermissionIds(permissions, "Roles_Permissions"));
514 
515             SQLQuery q = session.createSQLQuery(sql);
516 
517             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
518 
519             QueryPos qPos = QueryPos.getInstance(q);
520 
521             qPos.add(groupId);
522             setPermissionIds(qPos, permissions);
523             qPos.add(userId);
524 
525             Iterator<Long> itr = q.list().iterator();
526 
527             if (itr.hasNext()) {
528                 Long count = itr.next();
529 
530                 if (count != null) {
531                     return count.intValue();
532                 }
533             }
534 
535             return 0;
536         }
537         catch (Exception e) {
538             throw new SystemException(e);
539         }
540         finally {
541             closeSession(session);
542         }
543     }
544 
545     public int countByUsersPermissions(
546             List<Permission> permissions, long userId)
547         throws SystemException {
548 
549         Session session = null;
550 
551         try {
552             session = openSession();
553 
554             String sql = CustomSQLUtil.get(COUNT_BY_USERS_PERMISSIONS);
555 
556             sql = StringUtil.replace(
557                 sql, "[$PERMISSION_IDS$]",
558                 getPermissionIds(permissions, "Users_Permissions"));
559 
560             SQLQuery q = session.createSQLQuery(sql);
561 
562             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
563 
564             QueryPos qPos = QueryPos.getInstance(q);
565 
566             setPermissionIds(qPos, permissions);
567             qPos.add(userId);
568 
569             Iterator<Long> itr = q.list().iterator();
570 
571             if (itr.hasNext()) {
572                 Long count = itr.next();
573 
574                 if (count != null) {
575                     return count.intValue();
576                 }
577             }
578 
579             return 0;
580         }
581         catch (Exception e) {
582             throw new SystemException(e);
583         }
584         finally {
585             closeSession(session);
586         }
587     }
588 
589     public int countByUsersRoles(List<Permission> permissions, long userId)
590         throws SystemException {
591 
592         Session session = null;
593 
594         try {
595             session = openSession();
596 
597             String sql = CustomSQLUtil.get(COUNT_BY_USERS_ROLES);
598 
599             sql = StringUtil.replace(
600                 sql, "[$PERMISSION_IDS$]",
601                 getPermissionIds(permissions, "Roles_Permissions"));
602 
603             SQLQuery q = session.createSQLQuery(sql);
604 
605             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
606 
607             QueryPos qPos = QueryPos.getInstance(q);
608 
609             setPermissionIds(qPos, permissions);
610             qPos.add(userId);
611 
612             Iterator<Long> itr = q.list().iterator();
613 
614             if (itr.hasNext()) {
615                 Long count = itr.next();
616 
617                 if (count != null) {
618                     return count.intValue();
619                 }
620             }
621 
622             return 0;
623         }
624         catch (Exception e) {
625             throw new SystemException(e);
626         }
627         finally {
628             closeSession(session);
629         }
630     }
631 
632     public List<Permission> findByA_R(String actionId, long[] resourceIds)
633         throws SystemException {
634 
635         Object finderArgs[] = new Object[] {
636             actionId, StringUtil.merge(ArrayUtil.toArray(resourceIds))
637         };
638 
639         List<Permission> list = (List<Permission>)FinderCacheUtil.getResult(
640             FINDER_PATH_FIND_BY_A_R, finderArgs, this);
641 
642         if (list == null) {
643             Session session = null;
644 
645             try {
646                 session = openSession();
647 
648                 String sql = CustomSQLUtil.get(FIND_BY_A_R);
649 
650                 sql = StringUtil.replace(
651                     sql, "[$RESOURCE_IDS$]", getResourceIds(resourceIds));
652 
653                 SQLQuery q = session.createSQLQuery(sql);
654 
655                 q.addEntity("Permission_", PermissionImpl.class);
656 
657                 QueryPos qPos = QueryPos.getInstance(q);
658 
659                 qPos.add(actionId);
660                 setResourceIds(qPos, resourceIds);
661 
662                 list = q.list();
663             }
664             catch (Exception e) {
665                 throw new SystemException(e);
666             }
667             finally {
668                 if (list == null) {
669                     list = new ArrayList<Permission>();
670                 }
671 
672                 FinderCacheUtil.putResult(
673                     FINDER_PATH_FIND_BY_A_R, finderArgs, list);
674 
675                 closeSession(session);
676             }
677         }
678 
679         return list;
680     }
681 
682     public List<Permission> findByG_R(long groupId, long resourceId)
683         throws SystemException {
684 
685         Session session = null;
686 
687         try {
688             session = openSession();
689 
690             String sql = CustomSQLUtil.get(FIND_BY_G_R);
691 
692             SQLQuery q = session.createSQLQuery(sql);
693 
694             q.addEntity("Permission_", PermissionImpl.class);
695 
696             QueryPos qPos = QueryPos.getInstance(q);
697 
698             qPos.add(groupId);
699             qPos.add(resourceId);
700 
701             return q.list();
702         }
703         catch (Exception e) {
704             throw new SystemException(e);
705         }
706         finally {
707             closeSession(session);
708         }
709     }
710 
711     public List<Permission> findByR_R(
712             long roleId, long resourceId) throws SystemException {
713         Session session = null;
714 
715         try {
716             session = openSession();
717 
718             String sql = CustomSQLUtil.get(FIND_BY_R_R);
719 
720             SQLQuery q = session.createSQLQuery(sql);
721 
722             q.addEntity("Permission_", PermissionImpl.class);
723 
724             QueryPos qPos = QueryPos.getInstance(q);
725 
726             qPos.add(roleId);
727             qPos.add(resourceId);
728 
729             return q.list();
730         }
731         catch (Exception e) {
732             throw new SystemException(e);
733         }
734         finally {
735             closeSession(session);
736         }
737     }
738 
739     public List<Permission> findByU_R(long userId, long resourceId)
740         throws SystemException {
741 
742         Session session = null;
743 
744         try {
745             session = openSession();
746 
747             String sql = CustomSQLUtil.get(FIND_BY_U_R);
748 
749             SQLQuery q = session.createSQLQuery(sql);
750 
751             q.addEntity("Permission_", PermissionImpl.class);
752 
753             QueryPos qPos = QueryPos.getInstance(q);
754 
755             qPos.add(userId);
756             qPos.add(resourceId);
757 
758             return q.list();
759         }
760         catch (Exception e) {
761             throw new SystemException(e);
762         }
763         finally {
764             closeSession(session);
765         }
766     }
767 
768     public List<Permission> findByO_G_R(
769             long organizationId, long groupId, long resourceId)
770         throws SystemException {
771 
772         Session session = null;
773 
774         try {
775             session = openSession();
776 
777             String sql = CustomSQLUtil.get(FIND_BY_O_G_R);
778 
779             SQLQuery q = session.createSQLQuery(sql);
780 
781             q.addEntity("Permission_", PermissionImpl.class);
782 
783             QueryPos qPos = QueryPos.getInstance(q);
784 
785             qPos.add(organizationId);
786             qPos.add(groupId);
787             qPos.add(resourceId);
788 
789             return q.list();
790         }
791         catch (Exception e) {
792             throw new SystemException(e);
793         }
794         finally {
795             closeSession(session);
796         }
797     }
798 
799     public List<Permission> findByU_A_R(
800             long userId, String[] actionIds, long resourceId)
801         throws SystemException {
802 
803         Session session = null;
804 
805         try {
806             session = openSession();
807 
808             String sql = CustomSQLUtil.get(FIND_BY_U_R);
809 
810             sql = StringUtil.replace(
811                 sql, "[$ACTION_IDS$]", getActionIds(actionIds));
812 
813             SQLQuery q = session.createSQLQuery(sql);
814 
815             q.addEntity("Permission_", PermissionImpl.class);
816 
817             QueryPos qPos = QueryPos.getInstance(q);
818 
819             qPos.add(userId);
820             qPos.add(resourceId);
821 
822             return q.list();
823         }
824         catch (Exception e) {
825             throw new SystemException(e);
826         }
827         finally {
828             closeSession(session);
829         }
830     }
831 
832     public List<Permission> findByG_C_N_S_P(
833             long groupId, long companyId, String name, int scope,
834             String primKey)
835         throws SystemException {
836 
837         Session session = null;
838 
839         try {
840             session = openSession();
841 
842             String sql = CustomSQLUtil.get(FIND_BY_G_C_N_S_P);
843 
844             SQLQuery q = session.createSQLQuery(sql);
845 
846             q.addEntity("Permission_", PermissionImpl.class);
847 
848             QueryPos qPos = QueryPos.getInstance(q);
849 
850             qPos.add(groupId);
851             qPos.add(companyId);
852             qPos.add(name);
853             qPos.add(scope);
854             qPos.add(primKey);
855 
856             return q.list();
857         }
858         catch (Exception e) {
859             throw new SystemException(e);
860         }
861         finally {
862             closeSession(session);
863         }
864     }
865 
866     public List<Permission> findByU_C_N_S_P(
867             long userId, long companyId, String name, int scope, String primKey)
868         throws SystemException {
869 
870         Session session = null;
871 
872         try {
873             session = openSession();
874 
875             String sql = CustomSQLUtil.get(FIND_BY_U_C_N_S_P);
876 
877             SQLQuery q = session.createSQLQuery(sql);
878 
879             q.addEntity("Permission_", PermissionImpl.class);
880 
881             QueryPos qPos = QueryPos.getInstance(q);
882 
883             qPos.add(userId);
884             qPos.add(companyId);
885             qPos.add(name);
886             qPos.add(scope);
887             qPos.add(primKey);
888 
889             return q.list();
890         }
891         catch (Exception e) {
892             throw new SystemException(e);
893         }
894         finally {
895             closeSession(session);
896         }
897     }
898 
899     protected String getActionIds(String[] actionIds) {
900         StringBuilder sb = new StringBuilder();
901 
902         for (int i = 0; i < actionIds.length; i++) {
903             sb.append("Permission_.actionId = ?");
904 
905             if ((i + 1) < actionIds.length) {
906                 sb.append(" OR ");
907             }
908         }
909 
910         return sb.toString();
911     }
912 
913     protected String getGroupIds(List<Group> groups, String table) {
914         StringBuilder sb = new StringBuilder();
915 
916         for (int i = 0; i < groups.size(); i++) {
917             sb.append(table);
918             sb.append(".groupId = ?");
919 
920             if ((i + 1) < groups.size()) {
921                 sb.append(" OR ");
922             }
923         }
924 
925         return sb.toString();
926     }
927 
928     protected String getPermissionIds(
929         List<Permission> permissions, String table) {
930 
931         StringBuilder sb = new StringBuilder();
932 
933         for (int i = 0; i < permissions.size(); i++) {
934             sb.append(table);
935             sb.append(".permissionId = ?");
936 
937             if ((i + 1) < permissions.size()) {
938                 sb.append(" OR ");
939             }
940         }
941 
942         return sb.toString();
943     }
944 
945     protected String getResourceIds(long[] resourceIds) {
946         StringBuilder sb = new StringBuilder();
947 
948         for (int i = 0; i < resourceIds.length; i++) {
949             sb.append("resourceId = ?");
950 
951             if ((i + 1) < resourceIds.length) {
952                 sb.append(" OR ");
953             }
954         }
955 
956         return sb.toString();
957     }
958 
959     protected String getRoleIds(List<Role> roles, String table) {
960         StringBuilder sb = new StringBuilder();
961 
962         for (int i = 0; i < roles.size(); i++) {
963             sb.append(table);
964             sb.append(".roleId = ?");
965 
966             if ((i + 1) < roles.size()) {
967                 sb.append(" OR ");
968             }
969         }
970 
971         return sb.toString();
972     }
973 
974     protected void setGroupIds(QueryPos qPos, List<Group> groups) {
975         for (Group group : groups) {
976             qPos.add(group.getGroupId());
977         }
978     }
979 
980     protected void setPermissionIds(
981         QueryPos qPos, List<Permission> permissions) {
982 
983         for (Permission permission : permissions) {
984             qPos.add(permission.getPermissionId());
985         }
986     }
987 
988     protected void setResourceIds(QueryPos qPos, long[] resourceIds) {
989         for (long resourceId : resourceIds) {
990             qPos.add(resourceId);
991         }
992     }
993 
994     protected void setRoleIds(QueryPos qPos, List<Role> roles) {
995         for (Role role : roles) {
996             qPos.add(role.getRoleId());
997         }
998     }
999 
1000}